Saturday, February 11, 2012

Installing WPScan in BT

WPScan installation.



sudo apt-get install libcurl4-gnutls-dev rubygems1.8 ruby
sudo gem install typhoeus
sudo gem install xml-simple

apt-get install wpscan

cd /pentest/web/wpscan/


Do 'non-intrusive' checks...

ruby ./wpscan.rb --url

Do wordlist password brute force on enumerated users using 50 threads...

ruby ./wpscan.rb --url --wordlist darkc0de.lst --threads 50

Do wordlist password brute force on the 'admin' username only...

ruby ./wpscan.rb --url --wordlist darkc0de.lst --username admin

Generate a new 'most popular' plugin list, up to 150 pages...

ruby ./wpscan.rb --generate_plugin_list 150

Enumerate instaled plugins...

ruby ./wpscan.rb --url --enumerate p

No comments:

Post a Comment